secure database secrets and ensure middleware access

[marycrawford]

Description

Utilize infrastructure as code to automate the creation of the database user and secrets, as well as keeping it secure by storing it in Azure key vault. Passing the values to the middleware to access (while still making sure security is added with the sslmode).

Related Issues

[Link any related issues or tasks from your project management system.]

Checklist

• The title of this PR is descriptive and concise.
• My changes follow the style guidelines of this project.
• Considered an architectural design with a security first approach to keep the secret for the database safe.
• I've let the team know about this PR by linking it in the review channel

[derekadombek]

We should pre-create/manually create vault secrets ahead and bringing them in as data sources similar to how we are with the Resource Group's, like this for example: https://github.com/CDCgov/prime-simplereport/blob/593c56c62847fbf398a0a8cddc5e4069a1499bd1/ops/prod/_data.tf#L50 This is also how CDC azure access will be.

I do agree that we should make things repeatable for whoever follows, however the type of 3tier'd cloud design we have isn't meant to be repeatable. It's meant to reside in a central location and not be able to scale to other organizations as well as other designs.

Unfortunately it looks like we might not have permissions to create key vault secrets at the moment in Azure. I ping'd Josh earlier to see if he can add a role to allow it.

[marycrawford]

We met with Josh Dorothy on Tuesday, November 26 and received permissions. In that meeting you agreed on this architectural design. In that meeting, I re-iterated the manual creation of the secret may not be the best practice or most secure.

[arinkulshi-skylight]

LG pending any changes from Derek!

[arinkulshi-skylight]

We might need to make a separate app.yaml file but this is something we can handle as part of next steps. This looks ok!